Dbochman/1password
openclaw/skills/1password/SKILL.md
Read secrets, credentials, and payment information from the OpenClaw 1Password vault. Use when asked about passwords, API keys, credit card details, SSH keys, or any stored credentials. Also use when making purchases that require card information.
$ install --global
skillsauthnpx skillsauth add Dbochman/dotfiles 1passwordInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: Apr 17, 2026, 1:49 AM11.4s1 file scanned
SKILL.md
- name:
- 1password
- description:
- Read secrets, credentials, and payment information from the OpenClaw 1Password vault. Use when asked about passwords, API keys, credit card details, SSH keys, or any stored credentials. Also use when making purchases that require card information.
- allowed-tools:
- Bash(1password:*)
- metadata:
- {"openclaw":{"emoji":"🔐","requires":{"bins":["op"]}}}
1Password Vault Access
Read secrets and credentials from the OpenClaw vault via the op CLI. The service account has read-only access.
Setup
The service account token is at ~/.openclaw/.env-token. Set it before using op:
export OP_SERVICE_ACCOUNT_TOKEN=$(cat ~/.openclaw/.env-token)
Reading Secrets
Read a specific field
export OP_SERVICE_ACCOUNT_TOKEN=$(cat ~/.openclaw/.env-token)
op read "op://OpenClaw/Item Name/field"
Common items in the vault
| Item | Field | Read Command |
|------|-------|-------------|
| OpenAI API Key | password | op read "op://OpenClaw/OpenAI API Key/password" |
| ElevenLabs API Key | password | op read "op://OpenClaw/ElevenLabs API Key/password" |
| Gateway Token | password | op read "op://OpenClaw/OpenClaw Gateway Token/password" |
| BlueBubbles Password | password | op read "op://OpenClaw/BlueBubbles Password/password" |
| Star Market | password, username | op read "op://OpenClaw/Star Market/password" |
| Digital Ocean API | credential | op read "op://OpenClaw/Digital Ocean API Credential/credential" |
| Tavily | password | op read "op://OpenClaw/Tavily/password" |
| Google Places API | password | op read "op://OpenClaw/Google Places API/password" |
| OpenRouter | password | op read "op://OpenClaw/OpenRouter/password" |
| Resy | password | op read "op://OpenClaw/Resy/password" |
| OpenTable | password | op read "op://OpenClaw/OpenTable/password" |
Credit Card (Visa)
export OP_SERVICE_ACCOUNT_TOKEN=$(cat ~/.openclaw/.env-token)
op read "op://OpenClaw/Visa/number" # Card number
op read "op://OpenClaw/Visa/expiry date" # Expiration (YYYYMM)
op read "op://OpenClaw/Visa/verification number" # CVV
op read "op://OpenClaw/Visa/cardholder name" # Cardholder
op read "op://OpenClaw/Visa/credit limit" # Spending cap
op read "op://OpenClaw/Visa/address" # Billing address
List all items
export OP_SERVICE_ACCOUNT_TOKEN=$(cat ~/.openclaw/.env-token)
op item list --vault OpenClaw --format json
Get full item details
export OP_SERVICE_ACCOUNT_TOKEN=$(cat ~/.openclaw/.env-token)
op item get "Item Name" --vault OpenClaw --format json
Using Credit Card for Purchases
When making online purchases with the credit card:
- Read card details from 1Password (never from files)
- Use browser automation to navigate to the checkout page
- Fill in payment fields with the card data
- Always confirm with Dylan before completing any purchase
- Never log or display full card numbers — show only last 4 digits
Purchase Safety Rules
- ALWAYS ask Dylan for confirmation before submitting any payment
- NEVER share card details in messages, logs, or chat
- When displaying card info to Dylan, mask it:
****-****-****-0298 - If a purchase requires 2FA or SMS verification, notify Dylan
- Check credit limit before purchasing
- NEVER exceed the credit limit — this is a hard spending cap set by Dylan
- Flag anything over $100 for explicit approval even if under the limit
Notes
- The service account is read-only — cannot create or modify vault items
- The vault is named
OpenClaw— only items in this vault are accessible - Items in other vaults (
Private, etc.) are NOT accessible - The
OP_SERVICE_ACCOUNT_TOKENis loaded from~/.openclaw/.env-token
CRITICAL: LaunchAgent Scripts That Call op
Any script run by a LaunchAgent that calls op (directly or via a CLI like opentable, resy, nest) MUST set OP_SERVICE_ACCOUNT_TOKEN before invoking op. Without it, op falls back to the 1Password desktop app's Mach bootstrap service, which triggers a GUI permission popup for "bash" every run. On a headless Mini with no VNC, this popup is impossible to approve and the op call hangs until timeout.
# Add this near the top of any LaunchAgent script that may call op
if [[ -f "$HOME/.openclaw/.env-token" ]]; then
export OP_SERVICE_ACCOUNT_TOKEN=$(cat "$HOME/.openclaw/.env-token")
fi
This applies even to scripts that only indirectly call op — e.g., a bash script that calls opentable snipe, which internally calls op read when its credential cache expires. See LAUNCHAGENTS.md § New LaunchAgent Checklist for the full list of rules.
Secret Caching (Gateway Only)
The gateway wrapper uses a cached secrets file instead of calling op read at startup.
This is a necessary exception to the "read from 1Password at runtime" principle.
Why caching is required
On macOS Tahoe (26.x), op read hangs indefinitely when called from a LaunchAgent
context. The 1Password CLI spawns an op daemon --background process that attempts to
connect to the 1Password desktop app via a Mach bootstrap service. Under launchd, this
connection blocks forever because the desktop app requires user interaction (Touch ID/GUI
prompt) that can't happen in a non-GUI launchd context.
Every approach was tested and failed:
OP_SERVICE_ACCOUNT_TOKENalone — daemon still spawns before token is evaluatedOP_BIOMETRIC_UNLOCK_ENABLED=false— Mach port connection precedes env check--config /isolated/dir— new daemon spawns, same behaviorenv -iminimal environment — Mach ports are per-user-session, not env-based- Background process + kill timer — works but each
opinvocation also triggers incessant TCC "op would like to access data" popups on Tahoe that don't persist
The only reliable solution is to never call op from the launchd wrapper at all.
How it works
- Cache file:
~/.openclaw/.secrets-cache(chmod 600, KEY=VALUE format) - Gateway wrapper sources the cache via
set -a; source $CACHE; set +a - Refresh helper:
~/bin/openclaw-refresh-secrets— fetches secrets from 1Password viaop readand writes them to the cache. Run over SSH after key rotation. op readworks fine over SSH and in interactive terminals — only launchd is broken.
Security posture
- Cache file is
chmod 600(owner-only read/write) - File lives outside the dotfiles repo (not committed to git)
- Refresh is manual — secrets only update when explicitly requested
- After rotating any API key in 1Password, you must SSH into the Mini and run:
~/bin/openclaw-refresh-secrets - The agent itself still uses
op readat runtime for on-demand secret access (this works because the agent runs inside the gateway's node process, which already has the secrets loaded as environment variables)
Related Skills
Dbochman/web-search
development
VerifiedTrustedCommunity
Search the web for current information, news, facts, and answers. Use when asked questions about current events, needing to look something up, finding websites, researching topics, or when you need up-to-date information beyond your training data.
1SKILL.mdUpdated Apr 17, 2026
Dbochman/summarize
development
VerifiedTrustedCommunity
Summarize any URL, YouTube video, podcast, PDF, or file into concise text. Use when asked to read an article, summarize a link, get the gist of a video or podcast, extract content from a URL, or when you need to understand what a web page or document contains.
1SKILL.mdUpdated Apr 17, 2026
Dbochman/spotify-speakers
development
VerifiedTrustedCommunity
Play music via Spotify and control Google Home speakers. Use when asked to play music, songs, artists, playlists, podcasts, or control speakers/volume/audio.
1SKILL.mdUpdated Apr 17, 2026
Dbochman/skill-creator
testing
VerifiedTrustedCommunity
Create new OpenClaw skills, modify and improve existing skills, and measure skill performance with evals. Use when users want to create a skill from scratch, update or optimize an existing skill, run evals to test a skill, benchmark skill performance with variance analysis, or optimize a skill's description for better triggering accuracy. Also use when asked to "make a skill", "turn this into a skill", "improve this skill", or "test this skill".
1SKILL.mdUpdated Apr 17, 2026